PHPackages battlerattle/doorman - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. battlerattle/doorman AbandonedArchivedLibrary[Authentication & Authorization](/categories/authentication) battlerattle/doorman ==================== RFC compliant Two Factor Authentication for Time-Based One-Time Password and HMAC-Based One-Time Password algorithm with support for Google Authenticator v1.1.0(8y ago)547MITPHPPHP ^7.0 Since Aug 19Pushed 8y ago1 watchersCompare [ Source](https://github.com/BattleRattle/doorman)[ Packagist](https://packagist.org/packages/battlerattle/doorman)[ RSS](/packages/battlerattle-doorman/feed)WikiDiscussions master Synced today READMEChangelog (1)Dependencies (1)Versions (2)Used By (0) Doorman ======= [](#doorman) Build status: [![Build Status](https://camo.githubusercontent.com/ecdc71bbd9f16929330455023f768b1dfa4eb85280d610d55f943c15b0d8fa23/68747470733a2f2f7472617669732d63692e6f72672f426174746c65526174746c652f646f6f726d616e2e706e673f6272616e63683d6d6173746572)](https://travis-ci.org/BattleRattle/doorman) Doorman is an RFC-compliant implementation of the TOTP (Time-Based One-Time Passsword, [RFC 6238](https://www.ietf.org/rfc/rfc6238.txt)) algorithm, which is commonly used for Two Factor Authentication. A wrapper for the [Google Authenticator](https://support.google.com/accounts/answer/1066447) - a key manager and code generator, which can be downloaded for free, is also available. It also works for other 3rd party code generators, that use the TOTP algorithm. Requirements ------------ [](#requirements) You need at least a **64-bit** version of PHP 5.4 or HHVM. Installation via Composer ------------------------- [](#installation-via-composer) Use Composer CLI: ``` php composer.phar require battlerattle/doorman:1.0.*@dev ``` Or add `battlerattle/doorman` to your `composer.json`: ``` "require": { "battlerattle/doorman": "1.0.*@dev" }, ``` Usage ----- [](#usage) This is a pretty basic example ``` use BattleRattle\Doorman\Authentication\TimeBasedAuthenticator; // get the code from user input $code = '...'; // the user's secret key $key = '...'; $authenticator = new TimeBasedAuthenticator(); $result = $authenticator->authenticate($key, $code); if ($result) { echo 'Welcome, you successfully logged in'; } else { echo 'Nope, please try again'; } ``` Google Authenticator -------------------- [](#google-authenticator) In this example we use the Google Authenticator, which uses base32-encoded keys, that will be decoded internally. ``` use BattleRattle\Doorman\Authentication\GoogleAuthenticator; $code = '...'; $key = '...'; $authenticator = new GoogleAuthenticator(); $result = $authenticator->authenticate($key, $code); if ($result) { echo 'Welcome, you successfully logged in'; } else { echo 'Nope, please try again'; } ``` Key Generator ------------- [](#key-generator) This generator creates "Google Authenticator"-compliant keys: ``` use BattleRattle\Doorman\KeyGeneration\GoogleAuthKeyGenerator; $keyGenerator = new GoogleAuthKeyGenerator; $key = $keyGenerator->generateKey(); // it's good practice to split the key into chunks of 4 characters for better readability $formattedKey = implode(' ', str_split($key, 4)); echo 'Add this key to your authenticator: ' . $formattedKey; ``` References ---------- [](#references) - [Better Security with Two Factor Authentication](http://www.slideshare.net/battlerattle/better-security-with-two-factor-authentication-php-unconference-2013) - presentation about functionality of Two Factor Authentication - [RFC 6238](https://www.ietf.org/rfc/rfc6238.txt) - official description of the "Time-Based One-Time Password" algorithm - [Google Authenticator](https://support.google.com/accounts/answer/1066447) - authenticator for Android / iPhone / BlackBerry - [Duo Mobile](http://guide.duosecurity.com/third-party-accounts) - authenticator for Android / iPhone ### Health Score 27 — LowBetter than 49% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity12 Limited adoption so far Community7 Small or concentrated contributor base Maturity58 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 3187d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/9356f4c2fa8b6cc9e981d772c47633ba4fbd6b44b583bfad540488fba2a4e151?d=identicon)[BattleRattle](/maintainers/BattleRattle) --- Top Contributors [![BattleRattle](https://avatars.githubusercontent.com/u/1455740?v=4)](https://github.com/BattleRattle "BattleRattle (13 commits)") --- Tags google-authenticatorrfc-6238totptwo-factor-authenticationgoogle authenticatortotpRFC 6238Two Factor Authenticationone-time-passwordoath ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/battlerattle-doorman/health.svg) ``` [![Health](https://phpackages.com/badges/battlerattle-doorman/health.svg)](https://phpackages.com/packages/battlerattle-doorman) ``` ### Alternatives [spomky-labs/otphp A PHP library for generating one time passwords according to RFC 4226 (HOTP Algorithm) and the RFC 6238 (TOTP Algorithm) and compatible with Google Authenticator 1.5k46.1M119](/packages/spomky-labs-otphp)[paragonie/multi-factor Vendor-agnostic two-factor authentication library 142195.5k2](/packages/paragonie-multi-factor)[remotemerge/totp-php Lightweight, fast, and secure TOTP (2FA) authentication library for PHP — battle tested, dependency free, and ready for enterprise integration. 2010.2k](/packages/remotemerge-totp-php)[pedrosancao/php-otp PHP implementation of HMAC-based one-time password algorithm according to RFC 4226 and RFC 6238 compatible with Google Authenticator 1863.8k](/packages/pedrosancao-php-otp) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)